New OSX.RSPlug variant masquerading as media applications

Security firm Sophos has a video of a new version of the RSPlug OS X trojan, …

Most of our readers know that you shouldn't download questionable files, but that warning tends to get filed away pretty quickly if you're using Mac OS X. If you need a quick reminder of why security is important, however, a recent video by antivirus vendor Sophos that shows the OSX.RSPlug.F trojan appearing on the Internet as a media player application should do the trick nicely, though it might make you a bit paranoid about your downloads for a while.

The OSX.RSPlug trojan has been around for a while now, most recently appearing as a Flash installer. Unlike previous versions of the trojan, the RSPlug.F variant isn't just found on porn sites, either. One version of the trojan calls itself MacCinema, while the version shown in the video bills itself as an HDTV application named HDTV Player. The website in the video looks legitimate; it appears to be a pretty close copy (right down to the box art) of the product page for a legitimate application with the same name.

Once the software has been downloaded, the user still needs to enter a password before the trojan can install itself. Still, many unsuspecting victims decide whether software is legitimate before they download it, so they likely wouldn't have qualms handing over a password. As Sophos notes, this variant of the RSPlug trojan is more of a social engineering exercise than anything else, but it does serve as a reminder that even OS X users should be wary when downloading software.

Originally posted by Jimmyeatapple:I mean come on! We need a new name for this, it isn't really a trojan if it requires the user find it and install it!?!

Er, yes, that's exactly what a trojan is, considering the name is a shortened form of "trojan horse".

Ahem:

quote:

I have always laughed at the current state of Greek battle techniques.

1. Park the horse in front of their gates, as if they'll take that instead of some giant statue or a thousand slave women.2. GET THEM TO OPEN THEIR GATES3. Have them AGREE to take the horse inside4. You have a bunch of angry Greeks.

I have always laughed at the current state of Greek battle techniques.

1. Park the horse in front of their gates, as if they'll take that instead of some giant statue or a thousand slave women.2. GET THEM TO OPEN THEIR GATES3. Have them AGREE to take the horse inside4. You have a bunch of angry Greeks.

Thanks for saving me the time and hassle of coming up woth a sufficiently creative way to make fun of Jimmyeatapple for missing this one.